The newest version of the apparmor 3 kernel patches. I dropped the first
chunk of patches from here that have been out multiple times. If you want
the full set you can pull from
git://git.kernel.org/pub/scm/linux/kernel/git/jj/linux-apparmor aa-next2
The patches have been revised for all errors pointed out so far, and
several more that haven't been (memleaks, bad refcounts, domain transition
bugs, ...), as well as reorganized a bit.
The reorganization groups the patches into logical sets that will be
collapsed to a single or small number of patches in the final pass.
Base for extensions and fs interface
[PATCH 01/24] apparmor: provide base for multiple profiles to be
RCU lock conversion
[PATCH 02/24] apparmor: convert profile lists to RCU based locking
[PATCH 03/24] apparmor: change how profile replacement update is
[PATCH 04/24] apparmor: update how unconfined is handled
[PATCH 05/24] apparmor: fix namespace to be freeded via RCU
[PATCH 06/24] apparmor: rework namespace free path
[PATCH 07/24] apparmor: use free_profile instead of put_profile when
Default profile
[PATCH 08/24] apparmor: provide the ability to boot with a default
[PATCH 09/24] apparmor: fix fs extry display for default profile
[PATCH 10/24] apparmor: allow setting any profile into the
New fs introspecition interface
[PATCH 11/24] apparmor: Add interface files for profiles and
[PATCH 12/24] apparmor: merge profile mode names
[PATCH 13/24] apparmor: fix the locking etc. in the new policy
[PATCH 14/24] apparmor: add an optional profile attachment string
labeling and stacking
[PATCH 15/24] apparmor: reuse name string from previous profile
[PATCH 16/24] apparmor: add basic support for implicit labeling of
[PATCH 17/24] apparmor: baby step - now add labels to the labelset
[PATCH 18/24] apparmor: move replacedby to use labels instead of
[PATCH 19/24] apparmor: introduce using labels from contexts
[PATCH 20/24] apparmor: add abilitiy to print labels and update
[PATCH 21/24] apparmor: rework auditing to use the label
[PATCH 22/24] apparmor: audit the profile and namespace for all
[PATCH 23/24] apparmor: treat each task as if the label can have
[PATCH 24/24] apparmor: remove FLAG_MEDIATE_DELETED